te
Portions Copyright (c) 2008, 2012, Oracle and/or its affiliates. All rights reserved.
This manual page is derived from documentation obtained from the OpenSC organization (www.opensc-project.org). This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
pklogin_finder 1 "18 Jan 2012" "SunOS 5.12" "User Commands"
NAME
pklogin_finder - map certificates into a user
SYNOPSIS

/usr/lib/pam_pkcs11/pklogin_finder [debug] [config_file=filename]
DESCRIPTION

pklogin_finder uses the pam_pkcs11 library infrastructure to interactively map a PKCS#11 provided certificate to a user.

pklogin_finder uses the same configuration file and arguments than pam_pkcs11(5) PAM module. It loads defined mapper modules and tries to find a map between found certificates and a user login.

OPTIONS

The following options are supported:

config_file=fileame

Set the configuration file. The default value is /etc/security/pam_pkcs11/pam_pkcs11.conf.

debug

Enable debugging output. The default is no debug.

As it uses the same configuration file as pam_pkcs11(5), all of the pam_pkcs11 options are available. Some of these options make no sense in a non-PAM environment, and are therefore ignored. Some mapper options (mapfile, ignorecase) have no effect on certificate contents, and they are ignored as well.

EXIT STATUS

The following exit values are returned:

0

Successful completion. pkcs11_inspect prints on stdout the login name and exits.

1

An error occurred. A user mapping error was found.

2

An error occurred. No user match was found.

EXAMPLES

Example 1 Using pklogin_finder

The following example runs the pklogin_finder command without any options: 

% pkcs11_inspect

Example 2 Using pklogin_finder with Options

The following example runs the pkcs_finder command with options: 

% pklogin_finder debug config_file=${HOME}/.pam_pkcs11.conf
FILES

/etc/security/pam_pkcs11/pam_pkcs11.conf

AUTHORS

Juan Antonio Martinez, jonsito@teleline.es

ATTRIBUTES

See attributes(5) for descriptions of the following attributes:

ATTRIBUTE TYPEATTRIBUTE VALUE
Availabilitylibrary/security/pam/module/pam-pkcs11
Interface StabilityUncommitted
SEE ALSO

pkcs11_inspect(1), attributes(5), pam_pkcs11(5)

PAM-PKCS11 User Manual, http://www.opensc-project.org/pam_pkcs11